<?php
/**
 * Core_Data_Fixentity
 * XSS filter step: normalises HTML entity syntax and decodes entities.
 *
 * @author Adrian Stolarski
 */
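class Core_Data_Fixentity implements Core_Data_Xssfilterable {

    /**
     * Canonicalise HTML entities in a string and decode them once.
     *
     * This is a normalisation step, not an escaping step. Numeric references
     * such as "&#60;" come back as the literal character, so the return value
     * is not safe to emit as HTML on its own; it still needs whatever
     * filtering follows this step and context-appropriate output escaping
     * (e.g. htmlspecialchars()) at render time.
     *
     * The signature is left untyped so it stays compatible with the
     * Core_Data_Xssfilterable declaration, which is not visible here.
     *
     * @param string $value Input text; the patterns use the /u modifier, so
     *                      it is expected to be valid UTF-8.
     * @return string Text with entities decoded, except "&amp;", "&lt;" and
     *                "&gt;", which stay encoded. An empty string is returned
     *                when a pattern cannot be applied (e.g. malformed UTF-8).
     */
    public function xss_filter($value) {
        // Double-encode the three structural entities so that the single
        // decode pass at the end leaves them as "&amp;", "&lt;" and "&gt;".
        $value = str_replace(array('&amp;','&lt;','&gt;'), array('&amp;amp;','&amp;lt;','&amp;gt;'), $value);

        // Remove control characters and spaces (\x00-\x20) wedged between an
        // entity body and its ';' so the entity is recognised by the decoder.
        $value = preg_replace('/(&#*\w+)[\x00-\x20]+;/u', '$1;', $value);
        if ($value === null) {
            // preg_replace() returns null on error (with /u, malformed UTF-8
            // is one cause). Fail closed explicitly instead of passing null
            // into the next call, which PHP 8.1+ reports as deprecated.
            return '';
        }

        // Give every numeric reference exactly one terminating ';', whether
        // it had none or several.
        $value = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $value);
        if ($value === null) {
            return '';
        }

        // NOTE(review): ENT_COMPAT leaves single-quote references ("&#039;",
        // "&#x27;") encoded, and only one decode pass is made. Confirm that
        // the filters consuming this output account for both.
        return html_entity_decode($value, ENT_COMPAT, 'UTF-8');
    }

}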
